<?php
/**
 * lostpassword.php 找回密码
 * 当用户忘记密码后可以进入到该页面进行相应的处理，以便重新获得自己的密码。
 */
require_once 'setting.php';
require_once 'smarty.php';

require_once 'functions.php';
require_once INCLUDESPATH . 'db/User.php';
require_once INCLUDESPATH . 'db/UserDAO.php';

# start the session function
if (!isset($_SESSION)) {
	session_start();
}

$smarty = new MySmarty();

# << start - get current step
$step = 0;

if (isset($_GET['step'])) {
	if ($_GET['step'] == 1) {
		$step = 1;
	} elseif ($_GET['step'] == 2) {
		$step = 2;
	} elseif ($_GET['step'] == 3) {
		$step = 3;
	} else {
		$step = 0;
	}
}
# >> end - get current step

# << start - help Jack find his password
switch ($step) {
	case 0:
		loststep0();
		break;
	case 1:
		loststep1();
		break;
	case 2:
		loststep2();
		break;
	case 3:
		loststep3();
		break;
}
# >> end - help jack find his password

# << start - lost step 0
/**
 *  show Jack the start page
 */
function loststep0() {
	jumpToPage('lostpassword.php?step=1');
}
# >> end - lost step 0

# << start - get Jack inputs username
/**
 * Get Jack input of username
 */
function loststep1() {
	if (isset($_POST['username'])) {
		$username = $_POST['username'];
		if ($username == '') {
			showLostPage(1, '', 'Please enter an username or email.');
		} elseif (!validUsername($username)) {
			showLostPage(1, '', 'Invalid Username');
		} else {
			$user = userExist($username);
			if ($user) {
				$_SESSION['lostuser'] = $user;
				jumpToPage('lostpassword.php?step=2');
				exit;
			} else {
				showLostPage(1, '', 'This user doesn\'t exist');
			}
		}
	} else {
		showLostPage(1);
	}
}
# >> end - get Jack inputs username

function loststep2() {
	if (isset($_POST['answer'])) {
		$answer = $_POST['answer'];
		if ($answer == '') {
			showLostPage(1, '', 'Please enter the answer.');
		} elseif (!validAnswer($answer)) {
			showLostPage(1, '', 'Invalid answer');
		} else {
			if (md5($answer) == $_SESSION['lostuser']->getAnswer()) {
				jumpToPage('lostpassword.php?step=3');
				exit;
			} else {
				showLostPage(2, '', 'Your answer is incorrect.');
			}
		}
	} else {
		showLostPage(2);
	}
}

function loststep3() {
	if (isset($_POST['password']) && isset($_POST['repassword'])) {
		$password = $_POST['password'];
		$repassword = $_POST['repassword'];
		if ($password == '' || $repassword == '') {
			showLostPage(3, '', 'Please enter the password and repassword.');
		} else {
			if (!(validPassword($password))) {
				showLostPage(3, '', 'Invalid password.');
			} elseif (!(validPasswords($password, $repassword))) {
				showLostPage(3, '', 'The password and repassword are not equal.');
			} else {
				$password = md5($password);
				# save the password
				$user = $_SESSION['lostuser'];
				$user->setPassword($password);
				$userdao = new UserDAO();
				$userdao->update($user);
				# jump to sign in page
				jumpToPage('signin.php');
				# delete relative data
				unset($_SESSION['lostuser']);
				exit;
			}
		}
	} else {
		showLostPage(3);
	}
}

# << start - show lost page
/**
 * Show the lost password page whit given page number.
 *
 * @param $page
 * @param $title
 * @param $errormessage
 */
function showLostPage($page, $title = '', $errormessage = '') {
	global $smarty;
	$smarty->assign('title', $title);
	$smarty->assign('page', $page);
	if ($page == 2 || $page == 3) {
		if (!(isset($_SESSION['lostuser']))) {
			jumpToPage('lostpassword.php?step=1');
			exit;
		} else {
			if ($page == 2) {
				$smarty->assign('question', $_SESSION['lostuser']->getQuestion());
			}
		}
	}
	if ($errormessage != '') {
		$smarty->assign('errormessage', $errormessage);
	}

	$smarty->display("lostpassword.tpl");
}
# >> end - show lost page

?>